[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: user authentication and changing passwords
Joseph,
Did you try adding these lines?
> > # Entry = dn and is needed to access the entries at all
> > access to attr=entry
> > by * read
Have you looked at the /var/log/ldap.log file? There may
be some clues in there.
Kelli
-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Joseph Hoot
Sent: Monday, September 25, 2000 1:14 PM
To: openldap-software@OpenLDAP.org
Subject: Re: user authentication and changing passwords
sorry, left out a few lines of my slapd.conf. Here they are:
# Allow clients to authenticate
access to
attr=objectclass,uid,host,uidnumber,gidnumber,homedirectory,loginshell,gecos
,description
by dn="cn=Manager,dc=nowcom,dc=com" write
by * read
> I have the following ACL:
>
> # Deny all unless specifically allowed
> defaultaccess none
>
> # Allow the manager and user to change the user's password
> access to attr=userpassword
> by self write
> by dn="cn=Manager,dc=nowcom,dc=com" write
> by * search
>
> # Allow the following fields to be seen by the world
> access to attr=mail,cn,sn,givenname,o,ou,title,uid,telephoneNumber
> by * read
>
>
> I am trying to A) authenticate users still and B) allow them to change
their
> passwords. Currently both of these aren't working with the above ACL.
>
Joseph Hoot
System Administrator
http://www.networkpenguin.com
joe@networkpenguin.com